Free visualization tool helps government agencies, businesses in their DNSSEC implementations
A Sandia National Laboratories computer scientist has developed a free visualization tool to help the federal government and other organizations with their Domain Name System Security (DNSSEC) implementations.
Casey Deccio built the Web-based tool, DNSViz, as a way for network administrators implementing DNSSEC to be sure they are deploying it correctly. The tool serves up a visual analysis for the user of the DNSSEC authentication chain for a domain and its path to the DNS.
Deccio came up with the idea for the tool after noticing that federal agencies were struggling to properly deploy DNSSEC. “DNSSEC is hard to configure correctly and has to undergo regular maintenance,” he said. “It adds a great deal of complexity to IT systems, and if configured improperly or deployed onto servers that aren’t fully compatible, it keeps users from accessing .gov sites. They just get error responses.”
DNSSEC has been gradually rolling out across the Internet during the past year or so. Several major top-level domains, in addition to .gov -- including .com, .org, and .net -- are now DNSSEC-enabled. Now it’s up to the individual organizations under those top-level domains to move to the protocol. DNSSEC basically prevents attackers from redirecting users to malicious websites by redirecting them; it ensures DNS entries remain unchanged in transit and are digitally signed to ensure their authenticity.
The online tool analyzes the DNS zone's status, and finds any DNSSEC configuration errors.
Deccio plans to add alerts and APIs to the tool so that network administrators can integrate it with other tools besides via the Web. He plans to keep it as an open-source project and evolve it into a scalable monitoring system.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024